Security and Privacy Program

DataWELL Informatics has built and maintains security and privacy program designed to protect information assets of DataWELL and DataWELL’s clients.​

Adhering to the HITRUST Common Security Framework and utilizing guidance from NIST and regulatory requirements such as HIPAA, DataWELL is positioned to protect client data during all phases of the data lifecycle.​

Data Privacy is an ongoing challenge in today’s connected world. DataWELL adheres to HIPAA Privacy Rule and States’ privacy requirements. DataWELL seeks guidance from IAPP, the International Association of Privacy Professionals and DataWELL’s CSO holds the IAPP/US privacy credential.

  Compliance & Certifications

DataWELL Informatics maintains a SOC2 Type 2 Certification. DataWELL’s current report covers the period from November 1, 2022, to October 31, 2023. DataWELL will provide a Bridge Letter to clients and prospective clients upon request.

DataWELL utilizes HITRUST r2 Validated cloud partners for all healthcare data transfer, access, database and storing. DataWELL Informatics maintains a HITRUST subscription and readiness for a validated assessment.  DataWELL’s CSO holds the CCSFP credential and participates in HITRUST-sponsored forums and the annual HITRUST Collaborate conference.